Searchable Encrypted Relational Databases: Risks and Countermeasures

Abdelraheem, Mohamed Ahmed; Andersson, Tobias; Gehrmann, Christian

Searchable Encrypted Relational Databases: Risks and Countermeasures

Mark

Abdelraheem, Mohamed Ahmed ; Andersson, Tobias and Gehrmann, Christian ^LU (2017) In Cryptology ePrint Archive 2017(24). p.1-20

Abstract: We point out the risks of protecting relational databases via Searchable Symmetric Encryption (SSE) schemes by proposing an inference attack exploiting the structural properties of relational databases. We show that record-injection attacks mounted on relational databases have worse consequences than their file-injection counterparts on un- structured databases. Moreover, we discuss some techniques to reduce the effectiveness of inference attacks exploiting the access pattern leakage existing in SSE schemes. To the best of our knowledge, this is the first work that investigates the security of relational databases protected by SSE schemes.

Please use this url to cite or link to this publication: https://lup.lub.lu.se/record/218bd047-d6ca-4112-9147-4e4d087b4910

author

Abdelraheem, Mohamed Ahmed ; Andersson, Tobias and Gehrmann, Christian ^LU

organization

publishing date

2017-01-10

type

Contribution to specialist publication or newspaper

publication status

published

subject

Other Electrical Engineering, Electronic Engineering, Information Engineering

keywords

searchable symmetric encryption, relational databases, inference attacks, injection attacks, privacy constraints, vertical fragmentation

in

Cryptology ePrint Archive

volume

2017

issue

24

pages

20 pages

publisher

IACR

external identifiers

scopus:85030152876

language

English

LU publication?

yes

id

218bd047-d6ca-4112-9147-4e4d087b4910

alternative location

http://eprint.iacr.org/2017/024

date added to LUP

2018-09-14 10:12:30

date last changed

2022-04-25 17:16:33

@misc{218bd047-d6ca-4112-9147-4e4d087b4910,
  abstract     = {{We point out the risks of protecting relational databases via Searchable Symmetric Encryption (SSE) schemes by proposing an inference attack exploiting the structural properties of relational databases. We show that record-injection attacks mounted on relational databases have worse consequences than their file-injection counterparts on un- structured databases. Moreover, we discuss some techniques to reduce the effectiveness of inference attacks exploiting the access pattern leakage existing in SSE schemes. To the best of our knowledge, this is the first work that investigates the security of relational databases protected by SSE schemes.}},
  author       = {{Abdelraheem, Mohamed Ahmed and Andersson, Tobias and Gehrmann, Christian}},
  keywords     = {{searchable symmetric encryption; relational databases; inference attacks; injection attacks; privacy constraints; vertical fragmentation}},
  language     = {{eng}},
  month        = {{01}},
  number       = {{24}},
  pages        = {{1--20}},
  publisher    = {{IACR}},
  series       = {{Cryptology ePrint Archive}},
  title        = {{Searchable Encrypted Relational Databases: Risks and Countermeasures}},
  url          = {{http://eprint.iacr.org/2017/024}},
  volume       = {{2017}},
  year         = {{2017}},
}

Lund University Publications

LUND UNIVERSITY LIBRARIES

Searchable Encrypted Relational Databases: Risks and Countermeasures